I. INTRODUCTION

In many respects, the Department of Defense is an entity
driven by the need for timely, accurate information. From
battlefield to carrier battlegroup, office to organization,
the ability to exchange information is vital to the
accomplishment of any mission, as well as the effective and
efficient administration of day to day operations. In a
tactical environment, the term connectivity denotes a state of
being able to conduct both voice and data exchange in a timely
fashion, but in a broader sense this term can also imply the
state of reliable communications between two geographically
separated computers.

At the Naval Postgraduate School the need for the ability
to exchange information with other organizations is just as
important, with electronic communications between computer
resources being a primary method of exchange. The principal
method of achieving this connectivity is through the Internet,
with a set of communication protocols derived from it known as
Transmission Control Protocol/Internet Protocol (TCP/IP).
There are a number of options for accessing remote computers
using the Internet and these protocols. After a brief
overview of the major ingredients to achieving connectivity,
the alternatives for implementing them will be discussed
thoroughly.


A.   INTERNET  BACKGROUND 

The Internet as it is known today evolved from the ARPANET
research that began in the 1960s. The Internet actually
consists of the Defense Research Internet (DRI), National
Science Foundation Network (NSFNET), and the Military Traffic
Network (MILNET), which is part of the Data Defense Network
(DDN) (Miller, 1991, p. 223). These networks are connected to
each other and users can send messages from any of them to any
other, except where there are security or other policy
restrictions on access. (Hedrick, 1988, p. 1)

1. What is Internetworking?

Internetworking, the ultimate goal of using networks
such as the DDN, can be defined as: "communication between
data processing devices on one network and other, possibly
dissimilar devices on another network". (Miller, 1991, p. 1)

The internetwork, or internet concept is an extremely
powerful one. It detaches the notions of communication
from the details of network technologies and hides
low-level details from the user. (Comer, 1990, p. 52)

With the ability to internetwork, the user now has the ability
to conduct the exchange of information over very long
distances in near real time. Information access and retrieval times
decrease, along with an increase in the ability to share
resources, a keystone of networking.


2. Internet Addressing

In order to get information from one computer to the
other on a network (be it a local or a wide area network),
each has to have an address, much like a mailing address for
people.

a.  Assigning  Host  Addresses 

Each host on the Internet is assigned an integer
address called its Internet address or IP address. IP
addresses identify not only a unique host on the network but
also the network itself. Addresses are actually comprised of
a pair of addresses (netid which identifies the network
connection and hostid which identifies the host) totaling 32
bits, which are allocated as follows:

Class A addresses, which are used for the handful of
networks that have more than 2^16 hosts, devote 7 bits to
netid and 24 bits to hostid. Class B addresses, which are
used for intermediate sized networks that have between 2^8
and 2^16 hosts, allocate 14 bits to the netid and 16 bits
to the hostid. Finally, class C networks, which have less
than 2^8 hosts, allocate 21 bits to the netid and only 8
bits to the hostid. (Comer, 1990, p. 63)

In order to simplify notation, this 32 bit number is broken up
into 8 bit pieces known as octets, which are then written as
four decimal numbers.

b. The Domain Name System Concept

When discussing the domain naming system, the term
domain refers to an administrative entity that provides a
decentralized management of host naming and addressing.
(Stahl, 1987, p. 1) While it is very efficient for computers
to use bit patterns and even decimal numbers in addressing,
these strings of numbers have little or no meaning to the
average Internet user. By introducing a level of
abstraction through the use of names, domain administrators are
able to create names that have meaning, such as
CC.NPS.NAVY.MIL, which is the domain name for the NPS
mainframe. Each part of the mnemonic name has meaning; for
example, the MIL portion has been initiated by the NIC to act
as a parent to subdomains that are developed by military
organizations (Stahl, 1987, p. 4). As the number of networks grows,
so does the size of databases created to keep track of the
mappings between decimal and mnemonic names. This concern led
to the creation of a distributed, consistent system to keep
track of this information which consists of the following
parts:

•  DOMAIN  NAME  SPACE,  which  is  a  specification  for  a  tree 
structured  name  space. 

•  NAME  SERVERS  are  server  programs  which  hold  information 
about  the  domain  tree's  structure  and  set  information. 

•  RESOLVERS  are  programs  that  in  response  to  user  requests, 
extract  information  from  name  servers. 

Conceptually, each part has its own unique view, including the
user, who only sees that to access information from any part of
the domain name system (DNS) tree he initiates a call to a
resolver. To the resolver, the DNS appears as an unknown
number of name servers, each containing part of the tree.
Finally, the name server sees the DNS as sets of separate
local information called zones. The name server has local
copies of some of the zones, and periodically updates them
from master files or other name servers. These name servers
handle queries that arrive from resolvers using local zones.
(Mockapetris, 1983, pp. 2-3)

A  simplified  way  to  view  the  process  is  as  follows: 
a  user  wishes  to  find  the  address  of  machine  Y  @  UniversityZ. 
The  query  is  generated  by  the  resolver  software  in  his  machine 
to  his  local  name  server.  The  local  name  server  does  not  have 
the  address  and  therefore  passes  the  query  to  the  next  name 
server  in  the  tree.  Potentially  this  process  could  traverse 
the  entire  tree  looking  for  the  address  which  it  will 
eventually  find  or  return  an  error  message.  If  the  address  is 
found,  the  local  name  server  will  update  a  temporary  database 
with  this  new  information,  and  will  store  it  for  a  specified 
period  of  time.  After  this,  the  information  will  have  to  be 
looked  up  again. 
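
The lookup sequence just described (local name server, walk down the tree, store the answer for a fixed period, look it up again after expiry), as an added example that is not part of the original thesis. The class and function names, the four-level tree and the 300 second lifetime are hypothetical; only CC.NPS.NAVY.MIL and its address come from the text.

```python
import time


class NameServer:
    """One zone of the tree: its own records plus delegations to child zones."""

    def __init__(self, zone, records=None):
        self.zone = zone.upper()
        self.records = {k.upper(): v for k, v in (records or {}).items()}
        self.children = []

    def delegate(self, child):
        self.children.append(child)
        return child


def in_zone(name, zone):
    """True when name lies at or below zone ('' is the root of the tree)."""
    return zone == "" or name == zone or name.endswith("." + zone)


def walk_tree(root, name):
    """Pass the query from server to server; return (address, servers consulted)."""
    server, consulted = root, 0
    while server is not None:
        consulted += 1
        if name in server.records:
            return server.records[name], consulted
        # Hand the query to the child zone that covers the name, if any.
        server = next((c for c in server.children if in_zone(name, c.zone)), None)
    raise LookupError(f"no address found for {name}")


class LocalNameServer:
    """Local server with the temporary database (cache) described in the text."""

    def __init__(self, root, ttl, clock=time.monotonic):
        self.root, self.ttl, self.clock = root, ttl, clock
        self.cache = {}  # name -> (address, time at which the entry expires)

    def resolve(self, name):
        name = name.upper()
        now = self.clock()
        cached = self.cache.get(name)
        if cached and cached[1] > now:
            return cached[0], 0          # answered locally, no server consulted
        self.cache.pop(name, None)       # expired entry: must be looked up again
        address, consulted = walk_tree(self.root, name)
        self.cache[name] = (address, now + self.ttl)
        return address, consulted        # failures raise and are never cached


def build_demo_tree():
    """Constructed sample tree: root -> MIL -> NAVY.MIL -> NPS.NAVY.MIL."""
    root = NameServer("")
    mil = root.delegate(NameServer("MIL"))
    navy = mil.delegate(NameServer("NAVY.MIL"))
    navy.delegate(NameServer("NPS.NAVY.MIL", {"CC.NPS.NAVY.MIL": "131.120.254.1"}))
    return root


if __name__ == "__main__":
    fake_now = [0.0]                     # controllable clock for the demonstration
    local = LocalNameServer(build_demo_tree(), ttl=300, clock=lambda: fake_now[0])
    print(local.resolve("cc.nps.navy.mil"))   # first lookup walks the tree
    print(local.resolve("cc.nps.navy.mil"))   # second lookup comes from the cache
    fake_now[0] = 301
    print(local.resolve("cc.nps.navy.mil"))   # entry expired, tree walked again
```

The cache hands back whatever it stored until the lifetime lapses, so both the lifetime and the origin of a stored answer determine how long a stale or wrong mapping stays in use.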

Network administrators wishing to establish and
register a domain with the NIC will find Request For Comments
(RFC) 1032: Domain Administrators Guide, very useful.

c. The Distinction Between Names and Addresses

While it may be intuitively appealing for the user
to make the distinction between addresses and names, it is
merely an artificial one. Names are merely a method of
identification made up by characters in an alphabet. Names are
of use only when they can be effectively mapped to the object
they denote. Therefore, IP addresses can be considered low
level names, and Internet users prefer to use high level
names for host computers. (Comer, 1990, p. 312)

d. NPS Internet Address Structure

Addresses are arranged in a hierarchical fashion
with network given the first two octets and host given the
last two octets. As an example, the address 131.120.254.1 is
the address for the computer center, which also has the name
server translation of CC.NPS.NAVY.MIL, which, unlike the four
octet address, has the host on the left and the network on the
right. Therefore, for NPS, the assigned network address is
131.120, with the computer center's address component being
254.1. Using this method of addressing, NPS will be able to
provide addresses for up to 254 hosts, the numbers zero and
255 being reserved for specialized network addressing
functions.
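
The class allocations quoted under "Assigning Host Addresses" and the NPS address above, worked through in code. This is an added example, not part of the original thesis: the function names are hypothetical, and the leading class bits (0, 10, 110) and the all-zeros/all-ones reserved check are taken from the classful scheme in general rather than from the text.

```python
# Added example: split a dotted-decimal address into class, netid and hostid
# using the bit allocations quoted from Comer (7/24, 14/16, 21/8).
# Assumption (not stated in the text): the class is selected by the leading
# bits of the 32-bit address: 0 = class A, 10 = class B, 110 = class C.

# (class, number of leading class bits, their value, netid bits, hostid bits)
CLASS_TABLE = [
    ("A", 1, 0b0, 7, 24),
    ("B", 2, 0b10, 14, 16),
    ("C", 3, 0b110, 21, 8),
]


def to_int(dotted):
    """Convert 'a.b.c.d' to a 32-bit integer, rejecting malformed input."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError(f"not a dotted-decimal address: {dotted!r}")
    octets = [int(p) for p in parts]
    if any(o > 255 for o in octets):
        raise ValueError(f"octet out of range in {dotted!r}")
    value = 0
    for octet in octets:
        value = (value << 8) | octet
    return value


def parse_classful(dotted):
    """Return the class, netid, hostid and dotted network/host parts."""
    addr = to_int(dotted)
    for name, lead_bits, lead_value, net_bits, host_bits in CLASS_TABLE:
        if addr >> (32 - lead_bits) == lead_value:
            break
    else:
        raise ValueError(f"{dotted} is not a class A, B or C address")
    hostid = addr & ((1 << host_bits) - 1)
    netid = (addr >> host_bits) & ((1 << net_bits) - 1)
    octets = dotted.split(".")
    split = (32 - host_bits) // 8        # octets that belong to the network part
    return {
        "class": name,
        "netid": netid,
        "hostid": hostid,
        "network": ".".join(octets[:split]),
        "host": ".".join(octets[split:]),
        # Assumption: a hostid of all zeros or all ones is treated as reserved.
        "reserved_host": hostid in (0, (1 << host_bits) - 1),
    }


if __name__ == "__main__":
    # 131.120.254.1 is the computer center address given in the text;
    # the other two addresses are constructed samples.
    for sample in ("131.120.254.1", "10.0.0.1", "192.0.2.255"):
        print(sample, parse_classful(sample))
```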

3. What is TCP/IP?

TCP/IP is actually a family of protocols that are used
for the transmittal of data packets (called datagrams) across
the Internet. TCP (Transmission Control Protocol), MIL-STD-1778,
is responsible for dividing messages into separate units
of information or datagrams, reassembling them at the
destination, re-sending anything that is not acknowledged as
received, and reassembling them back into the correct order.
IP (Internet Protocol), MIL-STD-1777, is responsible for the
routing of the individual datagrams. (Hedrick, 1988, p. 3) IP
is implemented on each Internet host and gateway between
networks, and does not guarantee reliable delivery (Stallings,
1988, p. 104).

4.  Features  of  TCP/IP 

In  addition  to  the  low  level  tasks,  TCP/IP  also  has 
the  following  services  available  to  the  user: 

a. Electronic Mail

Electronic mail allows the user to draft, send and
receive messages to and from individuals or groups. The Simple
Mail Transfer Protocol (SMTP), MIL-STD-1781, provides this
service. (Comer, 1990, p. 4) SMTP makes use of TCP to
establish a reliable connection for message transfer (Stallings,
1988, p. 104).

b. File Transfer

Using the File Transfer Protocol (FTP), MIL-STD-1780,
users can copy and retrieve files from another computer
to their own computer, or send files to another computer
(Hedrick, 1988, p. 2). FTP supports ASCII, EBCDIC, and files,
and makes use of TCP to establish reliable connection for file
transfer (Stallings, 1988, p. 104).

c. Remote Login

The Network Terminal Protocol (TELNET), MIL-STD-1782,
allows a user to log in to any other computer on the
network, and for remote terminal access to host applications.
Under this protocol, the remote computer receives each
character typed into the user's local terminal as if the user
was using a terminal directly connected to it. (Hedrick, 1988,
p. 4) TELNET makes use of TCP to establish a reliable
connection for bi-directional terminal to host traffic
(Stallings, 1988, p. 104).

d. Directory Services

TCP/IP provides facilities for the location of
information and addresses of personnel who are registered
users of the Internet through the use of naming services. For
example, Internet supported functions such as WHOIS (name of
person) will perform a search of a database, producing
pertinent information on the person (such as associated
institution and Internet address), if he is registered.

5. Why TCP/IP?

In  addition  to  the  services  listed  above,  there  are  a 
number  of  features  incorporated  into  TCP/IP  that  distinguish 
it  from  other  network  connection  options: 

•  Network  Technology  Independence.  TCP/IP  is  independent  of 
any  vendor's  hardware. 

•  Universal Interconnection. A TCP/IP Internet allows any
pair of computers that have TCP/IP installed to
communicate. Each computer is assigned an address that is
universally recognized throughout the Internet. Each
datagram carries the address of its source and
destination.

•  End to End Acknowledgements. The TCP/IP Internet
protocols provide acknowledgements between the source and
ultimate destination instead of between successive
machines along the same path, even when the two machines
do not connect to a common physical network.

•  Applications Protocol Standards. When designing
applications programs that use TCP/IP, programmers often find
that existing software provides the communication services
that they need. (Comer, 1990, pp. 5-6)

These features provide the user with a standard,
well-developed set of protocols which can be implemented on a
variety of vendor hardware, fostering interoperability between
systems. TCP/IP provides a bridge over dissimilar systems that
can communicate and share resources.

While TCP/IP is referred to as one entity, one should
always keep in mind that it is two separate entities, TCP
providing for reliable stream transport service, and IP
providing for the routing of datagrams between source and
destination hosts. Additionally, one should also be aware of
the dynamic functioning of IP, which unlike virtual circuit
protocols (which provide for a static route of packet
transmission), is constantly monitoring network traffic load
conditions and at each node is looking for the best route for
datagram delivery.

B.   THE  FUTURE  OF  TCP/IP 

In August of 1990, the Government Open Systems
Interconnection Profile (GOSIP) Federal Information Processing
Standard (FIPS) v.1 went into effect. GOSIP will be comprised
of the internationally accepted OSI protocols (i.e. X.25 for
public packet switched networks, X.400 for message delivery,
etc.). This marks the beginning of formal attempts to bring
the U.S. government, including the DOD, into the world of OSI
which has been heralded as the universal architecture of the
future. At face value, this would seem to dictate the end of
TCP/IP and its plans for future implementations. But this is
not the case:

GOSIP 1 has not forced the spate of products necessary to
build an operational internetworking environment with
heterogeneous systems and networks. Full functioning
internetworking will have to wait for GOSIP 2, 3 and
beyond. (Howard, 1990, p. 14)

TCP/IP is a mature product that has seen many improvements and
enhancements since its inception. Given its relatively
entrenched position in and outside of the DOD it figures to be
an integral part of internetting in the coming decade. It is
available now, therefore providing a proven, tested software
package for internetworking.

C.   ADMINISTRATIVE  SCIENCES  DEPARTMENT  CONNECTIVITY  GOALS 

The ultimate goal of the Administrative Sciences (AS)
Department is to achieve Internet connectivity through
implementing a version of the TCP/IP software on a local area
network (LAN), while at the same time, implementing an
alternative that provides TCP/IP services in a form that is
the most cost effective. Through TCP/IP, users will have
direct access to the various networks and their host
computers, without the need for mainframe access. LAN implementation
of TCP/IP will make the Internet available to more users.

II. I-224 LAN OVERVIEW

In order to understand the decisions facing the AS
Department of how best to connect to the Internet, the
implementation site equipment must first be described. The
initial TCP/IP installation site is I-224. The following
explanation will summarize the details of each LAN. Following these
descriptions, an overview of present options for connecting to
the Internet will also be discussed.

A.   3COM  ETHERNET  LOCAL  AREA  NETWORK 

The 3COM LAN in 1-224 is a small implementation of 3COM
Corporation's network system based on the Institute of
Electrical and Electronics Engineers (IEEE) Standard 802.3
Ethernet protocol. This network is also known as a thin
Ethernet, referring to the thinness of the connective cabling
which is smaller than the coaxial cabling used for the
original Ethernet specification.

1.  The  IEEE  802.3  Ethernet  Protocol 

The heart of the IEEE 802.3 protocol is the approach
of managing the communications channel by a method known as
Carrier Sense Multiple Access with Collision Detection
(CSMA/CD). In this method of managing access to the
transmission medium, a user computer listens to sense whether or
not the network is busy (carrier sense); and if busy, it does
not transmit until the network is quiet. While transmitting,
a computer listens for collisions with other computers trying
to transmit, and if a collision is detected, it immediately
aborts transmission and issues a jam signal to let other
computers know of the failure and force them to reschedule their
transmissions for a later time. To manage retransmission, user
computers employ an exponential back off algorithm to avoid
repeated collisions. Using an algorithm that increases
transmission delay time in proportion to the number of sensed
collisions makes retransmission time a function of network
loading, thereby inducing transmission delay only as needed.
(Schoch et al., 1982, p. 61)

2. 3COM LAN Construction

This thin Ethernet implementation is of both a
physical and logical bus configuration. Each user computer has
installed an ETHERLINK network interface board which provides
the transmission and reception capabilities of Ethernet
frames. To the end of each board is connected a three way
connector which allows the coaxial cable to run between user
computers. Cable ends that are not connected to another
computer or the server are capped with terminating plugs that
suppress cable end signal reflections. Figure 2.1 shows a
physical diagram of the network.

3. Special Purpose Server

The term special purpose refers to the fact that the
server for this network is not a regular computer (it is
without keyboard and monitor), and cannot be used as
such. Maintenance of the system is performed by placing the
server in a maintenance mode and then accessing it through the
use of one of the user computers.

a.  Function 

This  computer  makes  available  resources  such  as  a 
printer,  virtual  disk  drives  and  applications  software  for  use 
by  the  computers  on  the  LAN.  The  server  also  contains  the 
network  operating  system  and  all  the  programs  necessary  to 
properly  administer  the  network. 

b.  Server  Hardware   Characteristics 

The Central Processing Unit (CPU) of the server is
the Intel Corporation 80186, running at 8 Megahertz (MHz).
Server random access memory (RAM) is configured at 940 KB, and
secondary storage for the network programs is provided by a 70
Megabyte (MB) hard disk drive. Additionally, the server has
the following connection ports: AppleTalk, parallel port
(connected to an IBM Proprinter), serial port (unused), and
tape and disk SCSI ports.

c.  Server  Software   Characteristics 

In addition to DOS, the 3COM LAN currently uses
ETHERSERIES 2.4 operating system software which provides the
following network services: electronic mail via the EMAIL
command, network printing through use of the EPRINT command,
the ability for users to create and share volumes of
information on the server hard disk through the ETHERSHAKE command,
and general access of all ETHER functions through invoking the
main menu via the EMENU command. Access to regular network
application software is provided through the normal network
1DIR directory interface.

4. 3COM User Computers

The user computers provide the method for conducting
information processing on the network. The 3COM network has
five user computers, each an IBM PC XT with a Color Graphics
Array (CGA) monitor. Originally running at a clock speed of
4.77 MHz, they have all been outfitted with accelerator boards
boosting speed to 7.2 MHz. The computers also have 640
Kilobytes (KB) of RAM, two low density (360 KB) floppy
diskette drives, and 20 MB hard disks which are used to hold
the ETHERSERIES network operating system, DOS, and batch
files. One computer additionally controls an IBM color
plotter.

5. Network Capabilities and Limitations

While 3COM corporation advertises that the maximum
number of computers on a single network is 100 with a data
transmission rate at 10 megabits per second (MBPS) for a thin
Ethernet implementation, a practical maximum number of
computers on the network is ten. This is based on the
relationship between network loading and actual system throughput.
As network traffic increases, the likelihood of collisions
increases, thereby decreasing throughput. In small
applications CSMA/CD protocol networks offer relatively good
performance, but larger implementations experience reduced
performance in the form of increased transmission delay times.
(Stallings, 1984, p. 37)
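
The exponential back off described under "The IEEE 802.3 Ethernet Protocol" and the loading relationship in the paragraph above, as a slotted simulation. This is an added example, not part of the original thesis: the 51.2 microsecond slot time, the back off cap of 10 and the 16 attempt limit are the IEEE 802.3 values for 10 megabit operation rather than figures from the text, and the model assumes every station always has a frame waiting and that a frame occupies one slot.

```python
import random

SLOT_TIME_US = 51.2    # slot time at 10 megabits per second (IEEE 802.3)
BACKOFF_LIMIT = 10     # the back off window stops doubling after 10 collisions
ATTEMPT_LIMIT = 16     # a frame is discarded after 16 failed attempts


def backoff_window(collisions):
    """Number of slot choices after the given count of consecutive collisions."""
    return 2 ** min(collisions, BACKOFF_LIMIT)


def simulate(stations, slots, seed=0):
    """Run a saturated, slotted CSMA/CD model and count what each slot carried."""
    rng = random.Random(seed)          # seeded so that runs are repeatable
    wait = [0] * stations              # slots each station still has to wait
    attempts = [0] * stations          # consecutive collisions for current frame
    stats = {"delivered": 0, "collision_slots": 0, "idle_slots": 0, "dropped": 0}
    for _ in range(slots):
        ready = [i for i in range(stations) if wait[i] == 0]
        for i in range(stations):      # stations that are backing off count down
            if wait[i] > 0:
                wait[i] -= 1
        if not ready:
            stats["idle_slots"] += 1
        elif len(ready) == 1:          # exactly one sender: the frame gets through
            stats["delivered"] += 1
            attempts[ready[0]] = 0
        else:                          # two or more senders: collision, back off
            stats["collision_slots"] += 1
            for i in ready:
                attempts[i] += 1
                if attempts[i] >= ATTEMPT_LIMIT:
                    stats["dropped"] += 1
                    attempts[i] = 0    # give up on this frame, start the next
                wait[i] = rng.randrange(backoff_window(attempts[i]))
    return stats


def overhead_us_per_frame(stats):
    """Microseconds lost to collisions and idle back off per delivered frame."""
    if stats["delivered"] == 0:
        return float("inf")
    lost_slots = stats["collision_slots"] + stats["idle_slots"]
    return lost_slots * SLOT_TIME_US / stats["delivered"]


if __name__ == "__main__":
    # 5 is the number of 3COM user computers, 10 the practical maximum and
    # 100 the advertised maximum given in the text; 2 and 50 are added points.
    for count in (2, 5, 10, 50, 100):
        result = simulate(count, slots=200_000, seed=1)
        print(f"{count:>3} stations: {result} "
              f"overhead {overhead_us_per_frame(result):.1f} us/frame")
```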

Another  limitation  of  the  network  is  its  lack  of 
redundancy  in  case  of  damage  or  failure.  Since  the  server  is 
unique  to  the  network,  its  failure  will  cause  network 
failure.  Due  to  its  bus  design,  any  damage  to  the  network 
cabling will also cause failure. Computers can be removed from
the network but only by disconnecting them through unplugging
the network board end of their T-connector.

B.   IBM  TOKEN  RING  NETWORK 

The token ring network in 1-224 is a relatively small
implementation based on the IEEE Standard 802.5 Token Ring
protocol. A larger LAN than the 3COM Ethernet, it consists of
fifteen vice five user computers. The following is a
discussion of network construction and characteristics.

1.   IEEE  802.5  Token  Ring  Protocol 

The main premise of the IEEE 802.5 protocol is that of
managed access of the transmission media. Unlike CSMA/CD,
which is a contention access protocol (each station competing
for the ability to transmit its particular data), users on the
token ring must have permission in order to transmit their
data. Managed access based on this protocol works in the
following fashion: A high speed electronic signal (token) is
continually circulated around the network. If a user wishes to
transmit information, that computer captures the token,
appends the data, and then sends it back out on the network.
This token (now referred to as a busy token) circulates until
it returns to the sender, at which time it is destroyed and
then re-issued as a free token.

2. Token Ring LAN Construction

The token ring is logically constructed in a circular
fashion but physically laid out in a star configuration.
Transmission media consists of shielded twisted pair wire,
also known as data grade cable. Special cabling connectors
provide the ability to connect to a Multistation Access Unit
(MAU) or to a cable extension. By use of MAUs, the network can
be physically connected in a star, but still maintain the
logical ring topology. This not only provides for easier
maintenance and troubleshooting, but also takes advantage of
the redundancy built into each MAU. Inside a MAU are two
circuits. When there is a failure in one (a break in the
ring), a set of normally energized relays fail to the
secondary circuit maintaining network operations. User computers are
connected to the network itself by installation of a token
ring adapter card (network interface board) which provides the
hardware necessary for the transceiving of frames in the token
ring protocol. Figure 2.2 provides a physical diagram of the
network.

3. Server Characteristics

Unlike the 3COM Ethernet, the IBM Token Ring LAN has
three server computers, each one a PC that has been selected
to act as a server. To keep them from being used inadvertently
by network users, all keyboards are kept locked by the Network
Administrator.

a.  Server  Hardware   Characteristics 

Servers TN3 and TN6M are based on the Intel Corp.
80386 CPU running at a clock speed of 33 MHz. Each has 4 MB of
RAM (3 MB of which are set up as cache memory), a 212 MB hard
disk drive, and both 5 1/4" and 3 1/2" floppy diskette drives.
In addition to file servers, both TN3 and TN6M also function
as print servers, each controlling an IBM Proprinter. TNO, the
3270 emulation gateway server, also controls an IBM Color
Jetprinter. TN3 additionally serves as controller for a
Bernoulli Box 40 MB removable magnetic cartridge device. This
unit provides increased program storage capability serving as
logical drives I: and J: on the network, the unit having two
removable 20 MB cartridges.

Server TNO, an IBM PC XT running at 7.2 MHz via an
accelerator board, functions as an IBM 3270 terminal emulation
gateway for connection to the Amdahl Mainframe located in the
computer center. This computer also has a 10 MB hard disk for
the storage of the 3270 gateway emulation software.

b. Server Software Characteristics

The token ring network uses IBM PC LAN version 1.2
as its network operating system in conjunction with DOS 3.21.
Although this operating system does offer a PC to PC
electronic mail function, this option has been disabled to
increase available RAM.

4. Token Ring User Computers

The token ring has fourteen computers available for
use with an additional one located in the front of the room
for instructional use (output is connected to a three beam
projector). Twelve of the user computers are Standard brand
80286 based computers running at 10 MHz. These computers vary
in their configuration in that TN20 through TN25 have math
coprocessors and modems (except TN23 which has no modem but
has 3270 emulation capability), while computers TN26 through
TN31 all have 3270 emulation capability, but no coprocessor
installed. In addition, user computer TN25 also controls an
AST TurboScan graphical image scanner. These computers also
have EGA monitors (except TN23 which has a CGA monitor), 640
KB of conventional RAM plus an additional 512 KB of extended
memory which has been configured as a VDISK for network
programs. All user computers additionally have 5 1/4" floppy
diskette drives (both high and low density), and 20 MB hard
disk drives.

The remaining three computers, TN18, TN12, and TN15
are all IBM XT model computers with accelerator boards
boosting their clock speed to 7.2 MHz, 640 KB of RAM, 20 MB
hard disk drives and CGA monitors. These computers also have
two low density diskette drives and 3270 mainframe emulation.

5. Network Capabilities and Limitations

From a maintenance standpoint, the token ring is far
superior to the 3COM in a number of ways:

•  MAU redundancy provides improved network reliability.

•  Failure of a server, while degrading the network, can be
remedied by replacing it with a reconfigured user
computer.

•  User computers can be added or removed without degrading
network performance.

In addition, the token ring protocol, while incurring token
passing delay, guarantees access to the media, and is
therefore more suitable for higher traffic loads. Physically, the
network simply offers more of everything: computing power,
printing services, and secondary storage.

C.   INTERNET  CONNECTIVITY 

This section will discuss the methods presently available
for accessing the Internet as well as the existing and
proposed physical connections involved in establishing direct
connectivity between the Internet, 3COM, and token ring
networks.

1.  Mainframe  TCP/IP  Access  using  3270  Emulation 

In  order  to  connect  to  the  mainframe  and  access 
TCP/IP,  one  could  use  3270  emulation  with  a  coaxial  cable 
connection  to  the  mainframe.  IBM's  3270  Terminal  Emulation 
Software  is  designed  to  be  used  in  conjunction  with  a  3270 
emulator  board  to  create  a  "virtual"  3270  terminal  that  can 
directly  access  the  mainframe. 

a. Physical Connection

In order to provide the most efficient means for
achieving 3270 emulation capability for the network, a gateway
installation option was chosen. With this option, the 3270
gateway has the 3270 emulation adapter and the gateway
software installed, which is in turn connected by coaxial
cable to an IBM 3174 Mainframe Controller, located in the
computer center.

b. Software Installation

Although none of the user computers on the 3COM
network are configured for 3270 emulation, ten computers on
the token ring have been given this capability, although only
five can concurrently access the mainframe. The
gateway server, upon boot up, is put in the 3270 mode and
establishes an on line connection to the mainframe. The user
computers have the 3270 emulation software installed on
their C drives. When invoked via a batch file from the L:
drive (batch file directory), it maps the keyboard for 3270
terminal operations and establishes connectivity through the
gateway with the mainframe. Once logged on, the user
simply uses the mainframe's TCP/IP to conduct a TELNET or FTP
operation. While this does provide connectivity, this method
of interconnection is much less elegant than using the
mainframe directly.

2. Connecting to the Internet Using the TAC

The TAC or terminal access controller is a specialized
computer that can connect directly to the packet switching
node located in the computer center at NPS, and provides
terminal logic for controlling a terminal and communications
logic for establishing connections across the Internet to host
systems (Stallings, 1988, p. 103). To access the TAC from the
token ring network, the user would use a resident modem
communications software package such as SMARTCOM, to connect
to the TAC.

While this connection bypasses the mainframe entirely,
it does not provide full TCP/IP capability. Full use of the
Internet requires host access, which allows information
transfer between hosts connected to the Internet (Stallings,
1988, p. 103). Functions such as FTP, TELNET and SMTP are not
directly available.

3. Gateway To The Internet

In  order  to  implement  TCP/IP  on  the  two  local  area 
networks,  it  will  first  be  necessary  to  physically  connect 
them  to  the  campus  backbone.  Connection  via  a  gateway  to  the 
backbone  will  enable  the  TCP/IP  software  to  address  the 
correct  router  which  will  in  turn  route  packets  out  on  to  the 
Internet.  The  following  discusses  each  connection. 

a.  3COM  Ethernet   Connection 

The  3COM  network  has  already  achieved  Internet 
connectivity  in  the  following  manner:  a  cable  has  been  run 
from  the  3COM  server  to  a  Cabletron  Systems  MRC-2000  ethernet 
digital  signal  repeater.  The  repeater  reshapes  and  retimes 
digital  pulses  to  ensure  that  ethernet  frames  maintain  their 
integrity.  From  the  repeater,  a  cable  has  been  connected  to  an 
ethernet  transceiver,  which  taps  the  Ingersoll  branch  of  the 
campus backbone.

b.  Token  Ring  Connection 

Recent improvements to the NPS Internet architecture
have seen the addition of a Cisco Router to the campus
backbone. The router, which is capable of simultaneously
supporting a number of different communication protocols, is
the device through which the token ring LAN will achieve
Internet connectivity. When the connection is implemented, it
will be constructed in the following manner: a cable (already
run between I-224 and the Computer Center) will be connected
to a token ring interface board installed in the router; the
router will then retrieve the IP datagrams from the token ring
frames and then route them directly to the Internet via a high
speed data communications line. These connections will provide
the ability for direct access to the Internet, and thus pave
the way for network TCP/IP implementation.

While  LAN  users  presently  have  the  ability  to  use 
Internet  resources,  they  are  limited  in  scope.  Certain 
functions  such  as  mail  and  file  transfer  can  only  be 
accomplished  at  the  mainframe  level  of  access.  The  following 
chapter will discuss these issues in addition to how best to
implement TCP/IP.

D.   CHAPTER  SUMMARY 

This  chapter  began  with  a  discussion  of  the  3COM  Ethernet 
LAN  and  the  IBM  Token  Ring  network.  Hardware  and  software 
features  were  discussed,  along  with  the  protocols  employed  by 
each  network.  Currently  available  methods  for  connecting  to 
the  Internet  were  discussed,  including  using  SIMPC  and  the 
TAC,  and  the  chapter  concluded  with  a  discussion  of  the 
physical  connections  necessary  to  achieve  connectivity  from 
either LAN to the Internet.

III. TCP/IP INSTALLATION OPTIONS

This  chapter  will  focus  on  both  the  currently  available 
and  not  yet  available  "ideal"  alternatives  for  installing 
TCP/IP  protocol  software  on  the  networks  reviewed  in  Chapter 
Two.  First,  however,  is  a  discussion  of  a  factor  that  greatly 
influences  the  selection  of  a  specific  alternative  -  Internet 
addressing. 

A.   INTERNET  ADDRESSING  METHODS 

The  host  addressing  method  is  shown  in  Figure  3.1.  From 
the  diagram  it  can  be  seen  that  when  this  method  of  Internet 
connectivity  is  chosen,  given  a  class  B  address  with  254 
possible  hosts,  the  network  could  soon  run  out  of  addresses, 
eventually  requiring  address  restructuring.  However  with  the 
use  of  subnetting  for  Internet  connectivity,  this  can  be  kept 
to  a  minimum.  Figure  3.2  illustrates. 

As previously discussed, the first two octets of the NPS
Internet address comprise the network number (131.120). What
is done with the next two octets is the decision of the campus
network administrator and the LAN administrators.

[Figure 3.1 Local Internet Architecture without Subnetting. Labels: flat network architecture consumes a lot of address space; PC hosts on the same Local Area Network; multiple connections on the campus backbone.]

Again, while this may not seem important in the context of
the AS Department, when applied to larger installations, the
implications of this become apparent: As the number of local
area networks grows, the more subnetting makes sense.
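One way the two octets below 131.120 can be divided, as an added example that is not part of the thesis: it splits an address into network, subnet and host fields, makes the direct-versus-gateway forwarding decision, and shows the single route an outside router needs. The 255.255.255.0 mask and the gateway address 131.120.30.1 are assumptions; 131.120.30.7 is the sample address the thesis uses later.

```python
import ipaddress

# From the page: NPS holds class B network 131.120, and 131.120.30.7 is the
# page's sample address. The mask and gateway address are ASSUMPTIONS.
ASSUMED_MASK = "255.255.255.0"
ASSUMED_GATEWAY = "131.120.30.1"
CLASS_NETWORK_BITS = {"A": 8, "B": 16, "C": 24}


def address_class(addr):
    """Classful address class, decided by the leading bits of the first octet."""
    first_octet = int(ipaddress.IPv4Address(addr)) >> 24
    for limit, name in ((128, "A"), (192, "B"), (224, "C"), (240, "D")):
        if first_octet < limit:
            return name
    return "E"


def mask_length(mask):
    """Number of leading one bits; rejects masks with holes in them."""
    value = int(ipaddress.IPv4Address(mask))
    ones = bin(value).count("1")
    if value != (0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF:
        raise ValueError("subnet mask bits must be contiguous: " + mask)
    return ones


def split_address(addr, mask=ASSUMED_MASK):
    """Split an address into classful network, subnet number and host number."""
    cls = address_class(addr)
    if cls not in CLASS_NETWORK_BITS:
        raise ValueError("class %s addresses have no host field" % cls)
    net_bits = CLASS_NETWORK_BITS[cls]
    host_bits = 32 - mask_length(mask)
    subnet_bits = 32 - net_bits - host_bits
    if subnet_bits < 0:
        raise ValueError("mask is shorter than the class %s network number" % cls)
    value = int(ipaddress.IPv4Address(addr))
    network = value & (0xFFFFFFFF << (32 - net_bits)) & 0xFFFFFFFF
    return {
        "class": cls,
        "network": str(ipaddress.IPv4Address(network)),
        "subnet": (value >> host_bits) & ((1 << subnet_bits) - 1),
        "host": value & ((1 << host_bits) - 1),
        # all-zeros and all-ones host numbers are reserved
        "hosts_per_subnet": max((1 << host_bits) - 2, 0),
    }


def next_hop(src, dst, mask=ASSUMED_MASK, gateway=ASSUMED_GATEWAY):
    """Deliver directly on the same subnet, otherwise hand off to the gateway."""
    m = int(ipaddress.IPv4Address(mask))
    same = (int(ipaddress.IPv4Address(src)) & m) == (int(ipaddress.IPv4Address(dst)) & m)
    return dst if same else gateway


def outside_route(addr):
    """The single classful route an outside router needs for this address."""
    bits = CLASS_NETWORK_BITS[address_class(addr)]
    return "%s/%d" % (split_address(addr)["network"], bits)


if __name__ == "__main__":
    print(split_address("131.120.30.7"))
    print(next_hop("131.120.30.7", "131.120.30.9"))   # same subnet
    print(next_hop("131.120.30.7", "131.120.40.9"))   # different subnet
    print(outside_route("131.120.40.9"))
```

However many subnets are created inside the campus, `outside_route` stays the same, which is why subnetting keeps the structure seen by outside routers simple.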

B.   PC  HOST  OPTION 

This  section  covers  the  first  option  currently  available, 
that  of  installing  TCP/IP  on  each  user  computer,  essentially 
making  it  into  a  network  host.  Figure  3.3  illustrates  the  host 
implementation  for  the  IBM  token  ring. 

1.  What  Is  A  Network  Host? 

Generally speaking, a host on a network is an applications
computer that may also have communications protocols
necessary  to  operate  on  that  network.  In  the  context  of  the 
Internet,  hosts  are  registered  at  the  Network  Information 
Center  (NIC),  which  assigns  them  specific  IP  addresses.  In  the 
case  of  NPS,  which  has  been  assigned  the  class  B  address 
131.120.X.X,  NPS  locally  administers  address  numbers  created 
below  the  131.120  level. 

The domain name NPS.NAVY.MIL has been registered with
the Internet authority (NIC). Further subdomains, which are
comprised of the names for machines connected to the
backbone, are controlled by the local NPS network authority.
It is the responsibility of the organizations wishing to
connect to the backbone to first request connection to the
backbone and obtain a group of Internet addresses in order to
maintain local Internet integrity.

[Figure 3.3 PC Host Option on the IBM Token Ring]

2. Implementing the PC Host Option

The  following  is  a  discussion  of  points  that  should  be 
considered  by  a  network  administrator  when  evaluating  the 
possibility  of  assigning  each  LAN  PC  as  a  host  on  the 
Internet.

a.  Benefits   of  Creating  Individual  Hosts 

Installing  TCP/IP  on  each  user  computer  will  enable 
it  to  enjoy  all  the  services  inherent  in  the  software.  When 
each  computer  has  its  own  address,  functions  such  as  FTP, 
TELNET  and  E-Mail  can  be  conducted  between  PCs.  To  see  why 
this  is  important,  understand  that  in  order  to  conduct  these 
operations,  users  must  have  an  address  in  order  to  transfer 
files,  log  on  to  another  PC,  and  receive  mail. 

b. Requirements

The  first  requirement  in  creating  individual  LAN 
hosts  would  be  the  availability  of  sufficient  hard  disk  drive 
space  for  permanent  software  installation.  In  the  case  of  the 
AS  Department  LANs  this  is  presently  not  a  concern  as  the  user 
PCs  have  an  average  of  10  MB  of  free  disk  space,  while  the  PC 
TCP/IP  software  only  requires  about  3  MB. 

The second requirement would be to obtain a block
of addresses from the local Internet administrator. These must
be obtained for software installation, since these will be
used to set the pathway for the routing of datagrams, and also
to enable the administrator to maintain control over the campus
network structure.

Finally, the LAN must be physically connected to a
router that has access to the Internet. For the AS Department
LANs this has been partially accomplished by connecting the
3COM Ethernet to the campus backbone. While a cable has been
run to connect the token ring, this has not yet been
accomplished.

3. E-Mail Considerations Under the Host Option

Individually addressed PCs enable the user to either
send or receive mail over the Internet. However, in the case
of the AS Department, a number of questions arise concerning
the viability of this option. The following are points for
consideration:

• User PCs in I-224 are powered down when not in use. Any
attempt to send mail to these computers would result in a
host unreachable condition.

•  LAN  labs  are  public  domain  in  the  sense  that  any  student 
can  use  them.  However,  many  students  will  probably  wish  to 
have  their  own  Internet  Identifier  and  E-Mail  address, 
entailing  significant  administrative  overhead. 

•  An  alternative  to  individual  addresses  would  be  the  use  of 
generic  addressing.  Users,  however  would  have  to  remember 
to  identify  themselves  when  sending  messages. 

• If generic addresses are selected, E-Mail privacy will be
nearly impossible to maintain with a large number of
users.

• Large amounts of E-Mail will probably not be discarded by
users and will accumulate on the network, creating an
administrative burden on the LAN administrator, who will
eventually have to purge it. (Schneidewind, 1991, p. 2)

Although some of these considerations are peculiar to the AS
Department and similar environment LANs, they can easily be
fit into the context of larger organizations, where these
issues take on much greater significance.

4. Problems With The Host Option

While  most  TCP/IP  services  are  currently  available 
with  this  option,  there  are  also  a  number  of  problems: 

•  Complicated  installation  and  set  up  procedures  in  addition 
to  software  maintenance  on  each  machine  will  significantly 
increase  network  administrative  overhead.  Effort  required 
is  multiplied  by  each  TCP/IP  machine  on  the  network  and 
could  prove  to  be  prohibitively  expensive  over  time. 

• Each separate TCP/IP installation will require approximately
3 MB of hard disk space, cumulatively consuming
significant amounts of storage space for the network.

•  Naming  and  addressing  issues,  depending  on  the  method 
chosen,  could  involve  extensive  coordination  between  the 
campus  Internet  authority  and  the  LAN  administrator. 

Another consideration which should not be overlooked is the
expense involved in setting up multiple TCP/IP installations.
While in the case of I-224, this may seem trivial, it has
broader implications when considering implementation on
larger LANs.

Finally, the point should be made that at present
there is not a product available that addresses the above
concerns. While there are a number of PC TCP/IP products
available, each has its own peculiarities, especially with regard
to user services. Network administrators will have to
carefully evaluate each product to see not only if it will
function on a particular network, but also if it provides the
desired functionality.

Part of the problem associated with the host option
is that the predecessor protocols of TCP/IP were originally
designed to be run on large mainframe computers that were
designated as hosts on a wide area network. As technology has
improved, and with the advent of distributed systems, problems
such as the ones noted above are more frequently encountered.
This is due to the fact that users are looking to use TCP/IP
in ways other than originally intended; that is, for
implementation on those distributed systems in ways that
provide all of the functionality, but do not require all the
costs involved in a PC host set-up. This is proving difficult
at present, since this would require significant re-engineering
of software that was previously designed for minicomputers
and mainframes.

The  following  section  will  address  an  alternative  to 
individual  PC  hosts:  the  gateway  server  option. 

C.   TCP/IP  LAN  GATEWAY  OPTION 

While  creating  a  TCP/IP  gateway  will  eliminate  a  number  of 
the  concerns  outlined  in  the  previous  discussion,  it  will  also 
generate  others.  First,  however,  is  a  discussion  of  some 
fundamental  points  necessary  to  understand  how  this  option 
could be implemented.

1. What Is A Gateway?

In simplest terms, a gateway is a computer that
interconnects two separate networks and passes packets between
them. Terms also used to describe them are internet gateway
and IP router. (Comer, 1990, p. 55) When looking at implementing
TCP/IP on a gateway server for either of the LANs in
I-224, the requirements are basically the same: the server
computer has a physical connection to another network (i.e. the
3COM Ethernet has a connection to the campus backbone), and
this gateway server must format data in accordance with
network protocols (i.e. ethernet packets would be converted to
IP datagrams before transmission on to the backbone).

Internet gateways employ a number of gateway specific
protocols in order to determine the best route for routing
datagrams across the Internet. These protocols deal specifically
with actions such as updating internal dynamic routing
tables. These tables contain an entry for each reachable
network, and information about which of the gateway's neighbor
gateways (a neighbor gateway shares a common network) are
currently operational.

2. Implementing A Gateway

In order to implement this option either an existing
server will have to be configured with the TCP/IP software, or
possibly another computer would be dedicated as a TCP/IP
server.

a. Gateway Set-Up

In setting up a gateway server there are a number
of requirements that will have to be fulfilled. First, the
computer, as noted in Chapter I, must have physical connectivity
with the campus backbone in order to communicate on the
Internet. Second, it must be configured with the TCP/IP
software, and also set up to function as a gateway, including
giving it an address.

b.  Gateway  Operation 

The  gateway  server  will  function  the  same  as  any 
other file server on the network. That is, a user computer will
initiate  access  to  the  server  to  load  the  TCP/IP  program.  The 
applicable  software  will  be  copied  into  the  user  computer  RAM 
and  executed. 

c.  Advantages  and  Disadvantages  of  a  Gateway 

The  following  are  the  main  advantage  and 
disadvantage  of  the  gateway  option: 

•  Centralized  Maintenance.  TCP/IP  software  is  limited  to  one 
installation  per  network,  meaning  less  man-hours  necessary 
for maintenance such as software updates.

•  Under  current  implementations  user  computers  will  still 
need  individual  Internet  addresses  in  order  to  operate  in 
the  TCP/IP  environment.  User  PCs  are  designated  to  the 
system  during  software  set-up. 

The disadvantage listed above is common to a number of vendor
PC TCP/IP products when installed under a gateway configuration.

3. Limitations of Current Host and Gateway TCP/IP Options

In  addition  to  the  above  limitation,  certain  current 
TCP/IP  products  have  the  following  limitations  that  are  common 
to both options:

•  Certain  vendor  TCP/IP  products  require  set-up  of  a 
separate  FTP  server  in  order  to  provide  this  service. 
While  it  is  possible  to  make  this  resident  in  the  gateway 
server,  it  is  undesirable  from  a  performance  standpoint 
unless  the  server  is  of  a  robust  design  (i.e.  486,  very 
large hard disk). For networks such as the 3COM Ethernet,
this  would  entail  a  separate  computer  due  to  the  limited 
capability  of  the  special  purpose  server. 

•  Certain  vendor  TCP/IP  products  require  set-up  of  a 
separate  E-mail  server  in  order  to  provide  SMTP.  Some  of 
these  implementations  only  run  under  the  UNIX  operating 
system. 

The above limitations result in the loss of a lot of potential
TCP/IP functionality. (Schneidewind, 1991, p. 8)

This concludes the discussion of currently available alternatives.
The following section proposes a system design that
provides both the LAN administrator and LAN user with the best
features of both alternatives.

D.   MODIFIED  GATEWAY  OPTION 

This  section  is  proposed  as  an  "ideal"  system  which  will 
combine  the  best  features  of  systems  previously  discussed, 
while  proposing  a  more  conservative  use  of  resources. 

1. Components of the System

The following subsections discuss the components of
the modified gateway server option. All components could
either be logically implemented (configuring the appropriate
software to achieve the desired functionality), or physically
implemented by designating that specific function to a
separate computer. Figure 3.4 depicts the total system.

a.     Gateway  Server 

Like  the  gateway  server  option  previously 
discussed,  this  system  will  have  a  server  computer  with  TCP/IP 
resident  on  its  hard  drive,  just  like  any  other  application 
program.  The  TCP/IP  server  will  be  accessed  via  a  batch  file 
located  on  each  user  PC,  and  will  serve  as  the  central  point 
of  entry  to  the  Internet  from  a  specific  LAN,  and  will 
physically  connect  to  the  campus  backbone. 

b. Name Server

This configuration will employ a name server for
the network. While this will only be a software configuration
for small LAN implementations, larger size LANs or LANs that
have other LANs using the same gateway server will benefit
from a specific computer designated as a name server for both
performance and administrative reasons. A name server will
provide the ability for translation of mnemonic names (e.g.
MichaelH@3COM.AS.NPS.NAVY.MIL) to an E-Mailbox address such
as 131.120.30.7, while freeing the gateway itself from having
to conduct potentially long database searches. Requests for
names translation will be shunted to the LAN name server.

[Figure 3.4 Conceptual Diagram of Modified Gateway Option]

c. E-Mail/FTP Server

The  third  component  of  this  configuration  will  be 
an  E-Mail/FTP  server.  This  component,  either  logically  or 
physically  configured,  depending  on  network  size,  will  serve 
as  the  repository  for  all  incoming  electronic  mail  and  files. 
Instead  of  having  mail  and  files  going  directly  to  each  user 
PC  on  the  LAN,  they  will  remain  at  the  mail  server,  until 
retrieved  by  the  user. 

This approach provides E-Mail, FTP, and TELNET
services, while unburdening the server to provide the essential
portions of TCP/IP functions such as routing and error
checking. The following subsection deals specifically with the
method of operation.

2. Method of Operation

The system will operate in the following manner: a
user desiring to use TCP/IP will select it from the menu on
the network by invoking a batch file. This batch file will
require that the user enter a name and a password. Upon
confirmation, TCP/IP will be accessed on the gateway/server
and the name server will be accessed. This call will retrieve
the mailbox address that corresponds to the user and all
subsequent E-Mail/file traffic for the user will be routed
there. In actuality, all addressing will originate at the
servers, with all FTP, TELNET and E-Mail functions handled for
the user by servers. Users will be able to command these
functions without requiring user PCs to carry out these
functions directly. User PCs will not require Internet
addresses. A separate, non-Internet address method will allow
user PCs to communicate with servers (i.e. FTP, E-Mail). The
user will send his traffic as he would in any other TCP/IP
installation. For receiving it, however, it will go to his
mail box on the mail server, where he will have to retrieve it
locally via a separate program much like using TCP/IP on the
mainframe. When users log in to the TCP/IP network, they will
be notified if they have any mail or files in their mailbox.
They then have the option to browse, copy to a local disk
drive, or discard.
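The sequence described above, modelled as an added example (not code from the thesis or from any vendor product): mail addressed to a mnemonic name is held at the server and released only after the name and password check, in contrast with the host option, where a powered-down PC is unreachable. The class and function names, the mailbox identifier, the passphrase, and the use of PBKDF2 for the password check are assumptions of this example.

```python
import hashlib
import hmac
import os


class HostUnreachable(Exception):
    """Raised when mail is sent straight to a PC that is powered down."""


def deliver_to_pc_host(pc_is_on, inbox, message):
    """Host option: the PC itself is the mail destination."""
    if not pc_is_on:
        raise HostUnreachable("destination PC is powered down")
    inbox.append(message)


def _derive(password, salt):
    # PBKDF2 is this example's choice; the page only says "a name and a password".
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class ModifiedGateway:
    """Gateway, name server and mail server modelled as one logical unit."""

    def __init__(self):
        self._mailbox_of = {}   # name server: mnemonic name -> mailbox id
        self._stored = {}       # mail server: mailbox id -> held messages
        self._creds = {}        # name -> (salt, derived key)

    def add_user(self, name, password, mailbox):
        salt = os.urandom(16)
        key = name.lower()
        self._creds[key] = (salt, _derive(password, salt))
        self._mailbox_of[key] = mailbox
        self._stored.setdefault(mailbox, [])

    def receive(self, recipient, message):
        """Inbound mail is resolved by name and held; no PC has to be up."""
        mailbox = self._mailbox_of.get(recipient.lower())
        if mailbox is None:
            raise KeyError("unknown recipient: " + recipient)
        self._stored[mailbox].append(message)

    def _authenticate(self, name, password):
        # Unknown names still cost one key derivation and fail the comparison.
        salt, stored = self._creds.get(name.lower(), (b"\x00" * 16, b""))
        if not hmac.compare_digest(stored, _derive(password, salt)):
            raise PermissionError("bad name or password")
        return self._mailbox_of[name.lower()]

    def login(self, name, password):
        """Return how many items are waiting, as the login notice would."""
        return len(self._stored[self._authenticate(name, password)])

    def retrieve(self, name, password, discard=False):
        """Browse or copy the held items; optionally discard them afterwards."""
        mailbox = self._authenticate(name, password)
        items = list(self._stored[mailbox])
        if discard:
            self._stored[mailbox].clear()
        return items


def run_scenario():
    """Constructed scenario: the same message under both options."""
    user = "MichaelH@3COM.AS.NPS.NAVY.MIL"   # a mnemonic name of the kind the page describes
    secret = "constructed-passphrase"        # constructed sample value
    result = {}
    try:
        deliver_to_pc_host(False, [], "report.txt")
        result["host_option"] = "delivered"
    except HostUnreachable:
        result["host_option"] = "host unreachable"
    gw = ModifiedGateway()
    gw.add_user(user, secret, mailbox="mbox-0007")
    gw.receive(user, "report.txt")
    result["waiting"] = gw.login(user, secret)
    result["items"] = gw.retrieve(user, secret, discard=True)
    result["after_discard"] = gw.login(user, secret)
    try:
        gw.retrieve(user, "wrong")
        result["wrong_password"] = "allowed"
    except PermissionError:
        result["wrong_password"] = "refused"
    return result


if __name__ == "__main__":
    print(run_scenario())
```

Because each mailbox is released only to the name that owns it, this arrangement also addresses the privacy concern the thesis raises for generic addresses.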

a.  Advantages   of  the  Modified  Gateway 

By  using  a  modified  gateway  approach  to  TCP/IP 
implementation on a LAN, the following benefits will be
realized: 

•  PC  to  PC  file  transfer  ability.  Using  a  modified  gateway 
will  provide  PC  to  PC  file  transfer  ability  without 
implementing  individual  hosts. 

•  Centralized  maintenance.  Software,  aside  from  invocation 
batch files, will only be resident on the server(s),
greatly  reducing  LAN  maintenance. 

•  Centralized  E-Mail.  E-mail,  which  under  the  host  option 
would  accumulate  in  each  user  computer  requiring  periodic 
purging,  now  resides  centrally  on  the  server  where  it  can 
be  more  easily  managed  by  the  LAN  administrator. 

• User name service. By implementing a name server which
will be used to link names with electronic mail boxes,
users will be able to have their own virtual address from
which other Internet users can reach them.

• TELNET availability. Provides for TELNET operations
between computers external to the LAN and the LAN servers.

•  Conservation  of  resources.  By  setting  up  a  gateway, 
individual  TCP/IP  installations  are  no  longer  necessary, 
saving  user  hard  disk  space.  The  software  is  executed  much 
like  any  other  application  program  stored  on  the  server. 

•  Economy  of  addressing.  Large  numbers  of  PC  hosts  make  for 
large Internet routing tables. Gateways will serve as the
IP  address  point  as  opposed  to  individual  installations 
which  will  need  as  many  addresses  as  there  are  TCP/IP  user 
PCs. 

• Simplified network structure. Gateways complement subnetting
which will in turn present to outsiders a simpler
view of the campus network structure.

•  Lower  campus  network  overhead.  The  campus  Internet 
administrator  will  have  less  maintenance  in  the  areas  of 
name  server  and  routing  table  maintenance. 

This approach to providing TCP/IP service yields the most
functionality and also the most benefits to both LAN user and
LAN administrator.

b. Modified Gateway Disadvantages

This option, while providing all services necessary
to the Internet user, is not without its disadvantages, these
being the following:

• Option is currently unavailable. To the author's knowledge,
this option is only conceptual and is not currently
offered by TCP/IP software vendors. For this capability to
be offered, vendors must be made aware of the need by
users.

• Power failures/glitches will cause losses of E-mail/files.
Given the centralized implementation of this option,
unlike an implementation of individual hosts, a
power loss or severe fluctuation could cause the server to
become inoperative, resulting in host unreachable conditions,
or even worse, loss of a disk drive resulting in
loss of all accumulated traffic. (Schneidewind, 1991, p. 7)

• Academic setting may preclude prompt network recovery. The
LAN labs are designed mostly to run unattended. A loss of
power or a glitch that requires a server reboot may go
unnoticed for hours or even days, causing a severe
disruption of service.

• Name server maintenance overhead. A large number of
students who may desire their own personal Internet
address and who are transient will require frequent
additions/subtractions from the name server database by the
LAN manager.

• Name Server operation. A decision that will have to be
made, if it is decided to operate a local name server,
is whether it will be designed to Internet standards. Specifically,
will it replicate its information at another location on
another name server to preclude service interruption in
event of primary name server failure?

With this alternative, LAN users will have the same services
available to them as mainframe TCP/IP users, but without
having to use software packages such as SIMPC to communicate
from LAN PCs to the mainframe simply to gain access to TCP/IP.

E.   CHAPTER  SUMMARY 

This  chapter  first  discussed  basic  concepts  such  as 
gateways  and  subnetting  before  examining  the  currently 
available  TCP/IP  host  option,  an  implementable  gateway  option, 
and  the  conceptual  modified  gateway  option.  It  was  first 
determined  that  a  PC  host  gives  all  the  functionality  desired 
in  a  TCP/IP  application,  while  being  human  and  hardware 
resource  intensive.  The  gateway  option,  while  eliminating  the 
problem  of  individual  TCP/IP  installations,  does  not  eliminate 
the problems of assigning Internet addresses to individual
machines, nor the lack of privacy and data integrity. Finally,
the modified gateway option was discussed as an ideal alternative
for providing TCP/IP services, while minimizing LAN
manager labor.




IV.   RECOMMENDATIONS  AND  CONCLUSIONS 

This  paper  began  with  a  general  discussion  of  the 
Internet,  its  importance,  and  why  the  Administrative  Sciences 
Department  is  currently  implementing  TCP/IP  on  both  networks 
in  IN-224.  The  body  of  this  paper  dealt  with  the  various 
options  to  consider  for  implementation  on  either  network,  with 
an  emphasis  on  factors  such  as  maintenance  and  functionality. 
Final  recommendations  will  summarize  this  thesis. 

A.   TCP/IP  IMPLEMENTATION  OPTIONS  FOR  IN-224  LANS 

Three options for implementation of TCP/IP on the local
area networks in Ingersoll 224 were discussed at length in the
body of this thesis. One of the main concerns that surfaced in
all of the options is that of electronic mail service provided
by SMTP. Concerns were expressed about maintaining E-Mail
privacy and file integrity, and on limiting the amount of LAN
manager labor that would be required to achieve privacy and
integrity.

Architectural considerations were also discussed when
examining the campus Internet. Based on those considerations,
the following policies should be adopted: use subnetting
combined with either the gateway or modified gateway option
for LAN implementation. It should be noted that subnetting is
being used in I-224 combined with a limited form of the
gateway option. The preferred option, the modified gateway
option, should be implemented whenever it is available from
vendors. Refer to Figure 3.4 for an illustration of this
option.